diff --git a/testsite/group_vars/all.yml b/testsite/group_vars/all.yml
index 2cdfa0a62e94bbf9ddf7df81b146c1695c04893c..e37d3b30b06db03dcb81d0759d97e6afb677e348 100644
--- a/testsite/group_vars/all.yml
+++ b/testsite/group_vars/all.yml
@@ -45,4 +45,19 @@ ca_certificates:
 
 incoming_connection_limit: 2/second
 
-incoming_connection_limit_burst: 6
\ No newline at end of file
+incoming_connection_limit_burst: 6
+
+# Default LDAP client configuration.
+ldap_client_config:
+  - comment: Set the base DN
+    option: BASE
+    value: "{{ testsite_ldap_base }}"
+  - comment: Set the default URI
+    option: URI
+    value: ldap://ldap.{{ testsite_domain }}/
+  - comment: Set the LDAP TLS truststore
+    option: TLS_CACERT
+    value: /etc/ssl/certs/ca.pem
+  - comment: Enforce TLS
+    option: TLS_REQCERT
+    value: demand